VMware has addressed a pair of vulnerabilities in vRealize Operations that, when chained together, could result in unauthenticated remote code execution in vulnerable servers. Background On March 30, VMware released a security advisory (VMSA-2021-0004) to address two vulnerabilities in vRealize Operations, an AI-powered IT operations management platform for multi-cloud, private and hybrid environments. These vulnerabilities affect vRealize Operations, and also impact VMware Cloud Foundation (vROps) and vRealize Suite Lifecycle Manager (vROps). VMware has attributed the…

Two cast members of an American reality TV show have been indicted in connection with a nationwide telemarketing fraud scheme that victimized the elderly.  Real Housewives of Salt Lake City stars Jennifer Shah and Stuart Smith were arrested on March 30 and charged with conspiracy to commit wire fraud and conspiracy to commit money laundering.  It is alleged that from 2012 until March 2021, 47-year-old Shah and 43-year-old Smith defrauded hundreds of victims throughout the United…

Intrigue and Espionage May not Come to Mind when You Think of MFT—But it Should By Gregory Hoffer, CEO, Coviant Software When you think about secure, managed file transfer (you do think about that, right?), it’s not likely that the topic of international intrigue and espionage comes to mind. Yet, according to the Wall Street Journal, that’s precisely what you should be thinking about. In a March 10, 2021 article entitled, Solving Data-Transfer Impasse May…

Is the Clubhouse App a Safe Place for Kids to Hangout? Most of us have fond summer memories of hanging out with friends in a secret clubhouse. However, this isn’t that. While the word clubhouse stirs up instant feelings of belonging to a group of friends, the digital Clubhouse app, we’re referencing is a meeting hub for users over 18. Currently, still in its beta phase, Clubhouse is by invitation only. This exclusivity is also…

Experts discovered that 30 malicious Docker images with a total number of 20 million pulls were involved in cryptomining operations. Palo Alto Network researcher Aviv Sasson discovered 30 malicious Docker images, which were downloaded 20 million times, that were involved in cryptojacking operations. The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining…

Welcome to reality Ever since I started working in IT Security more than 10 years ago, I wondered, what helps defend against malware the best? This simple question does not stand on its own, as there are several follow-up questions to that: How is malware defined? Are we focusing solely on Viruses and Trojans, or do we also include Adware and others? What malware types are currently spread across the globe? What died of old…

Malware is being hidden in seemingly legitimate files that gamers download to install cheat codes or modifications, says Cisco Talos. Image: Getty Images/iStockphoto Cybercriminals have launched a new malware attack aimed at video game players. SEE: Hiring Kit: Game Developer (TechRepublic Premium) In a report published Wednesday, security firm Cisco Talos said it discovered a campaign in which attackers are concealing malware inside otherwise legitimate files. These files are ones typically downloaded by gamers and modders (people…